ȵ

e717fad7 · guanghongwei · 386d6a1c · e717fad7 · e717fad7 · e717fad7
Commit e717fad7 authored Mar 19, 2015 by guanghongwei
11 changed files
--- a/connect.py
+++ b/connect.py
@@ -174,7 +174,6 @@ def get_user_host(username):
 def get_connect_item(username, ip):
-    cryptor = PyCrypt(KEY)
    asset = get_object(Asset, ip=ip)
    port = asset.port
@@ -192,12 +191,12 @@ def get_connect_item(username, ip):
    }
    if asset.login_type in login_type_dict:
-        password = cryptor.decrypt(login_type_dict[asset.login_type])
+        password = CRYPTOR.decrypt(login_type_dict[asset.login_type])
        return username, password, ip, port
    elif asset.login_type == 'M':
        username = asset.username
-        password = cryptor.decrypt(asset.password)
+        password = CRYPTOR.decrypt(asset.password)
        return username, password, ip, port
    else:
@@ -286,7 +285,7 @@ def remote_exec_cmd(ip, port, username, password, cmd):
        stdin, stdout, stderr = ssh.exec_command("bash -l -c '%s'" % cmd)
        out = stdout.readlines()
        err = stderr.readlines()
-        color_print('%s:' %ip, 'blue')
+        color_print('%s:' % ip, 'blue')
        for i in out:
            color_print(" " * 4 + i.strip(), 'green')
        for j in err:

--- a/jumpserver/api.py
+++ b/jumpserver/api.py
@@ -128,6 +128,14 @@ class PyCrypt(object):
        ciphertext = cryptor.encrypt(text)
        return b2a_hex(ciphertext)
+    def decrypt(self, text):
+        cryptor = AES.new(self.key, self.mode, b'0000000000000000')
+        try:
+            plain_text = cryptor.decrypt(a2b_hex(text))
+        except TypeError:
+            raise ServerError('Decrypt password error, TYpe error.')
+        return plain_text.rstrip('\0')
 CRYPTOR = PyCrypt(KEY)

--- a/jumpserver/templatetags/mytags.py
+++ b/jumpserver/templatetags/mytags.py
@@ -6,7 +6,7 @@ import time
 from django import template
 from juser.models import User, UserGroup, DEPT
 from jasset.models import BisGroup
-from jumpserver.api import user_perm_asset_api
+from jumpserver.api import *
 register = template.Library()
@@ -78,6 +78,16 @@ def bool2str(value):
        return u'否'
+@register.filter(name='user_readonly')
+def user_readonly(user_id):
+    user = User.objects.filter(id=user_id)
+    if user:
+        user = user[0]
+        if user.role == 'CU':
+            return False
+    return True
 @register.filter(name='member_count')
 def member_count(group_id):
    group = UserGroup.objects.get(id=group_id)

--- a/juser/urls.py
+++ b/juser/urls.py
@@ -13,18 +13,19 @@ urlpatterns = patterns('juser.views',
    (r'^dept_detail/$', 'dept_detail'),
    (r'^dept_del_ajax/$', 'dept_del_ajax'),
    (r'^dept_edit/$', 'dept_edit'),
-    (r'^group_add/$', 'group_add'),
+    (r'^dept_user_ajax/$', 'dept_user_ajax'),
+    (r'^group_add/$', view_splitter, {'su': group_add, 'adm': group_add_adm}),
    (r'^group_list/$', view_splitter, {'su': group_list, 'adm': group_list_adm}),
    (r'^group_detail/$', 'group_detail'),
-    (r'^group_del/$', 'group_del'),
+    (r'^group_del/$', view_splitter, {'su': group_del, 'adm': group_del_adm}),
    (r'^group_del_ajax/$', 'group_del_ajax'),
    (r'^group_edit/$', view_splitter, {'su': group_edit, 'adm': group_edit_adm}),
    (r'^user_add/$', 'user_add'),
-    (r'^user_list/$', 'user_list'),
+    (r'^user_list/$', view_splitter, {'su': user_list, 'adm': user_list_adm}),
    (r'^user_detail/$', 'user_detail'),
    (r'^user_del/$', 'user_del'),
    (r'^user_del_ajax/$', 'user_del_ajax'),
-    (r'^user_edit/$', 'user_edit'),
+    (r'^user_edit/$', view_splitter, {'su': user_edit, 'adm': user_edit_adm}),
    (r'^profile/$', 'profile'),
    (r'^chg_pass/$', 'chg_pass'),
 )
--- a/juser/views.py
+++ b/juser/views.py
--- a/templates/juser/dept_user_ajax.html
+++ b/templates/juser/dept_user_ajax.html
+{% for user in users %}
+    <option value="{{ user.id }}">{{ user.name }}</option>
+{% endfor %}
\ No newline at end of file
--- a/templates/juser/group_add.html
+++ b/templates/juser/group_add.html
@@ -40,17 +40,19 @@
                                    <input id="group_name" name="group_name" placeholder="Group name" type="text" class="form-control" value="{{ group_name }}">
                                </div>
                            </div>
+                            {% ifequal session_role_id 2 %}
                            <div class="hr-line-dashed"></div>
                            <div class="form-group">
                                <label for="dept_id" class="col-sm-2 control-label">部门<span class="red-fonts">*</span></label>
                                <div class="col-sm-8">
-                                    <select id="dept_id" name="dept_id" class="form-control m-b">
+                                    <select id="dept_id" name="dept_id" class="form-control m-b" onchange="change_dept(this.value)">
                                        {% for dept in dept_all %}
                                            <option value="{{ dept.id }}" selected>{{ dept.name }}</option>
                                        {% endfor %}
                                    </select>
                                </div>
                            </div>
+                            {% endifequal %}
                            <div class="hr-line-dashed"></div>
                            <div class="form-group">
                                <label for="users" class="col-lg-2 control-label">用户</label>
@@ -127,6 +129,16 @@ function change_type(type){
           })
 }
+function change_dept(dept_id){
+    $.get('/juser/dept_user_ajax/',
+            {'id': dept_id},
+            function(data){
+                $('#users').html(data)
+            })
+}
 $(document).ready(function(){
    $("#submit_button").click(function(){
        $('#users_selected option').each(function(){

--- a/templates/juser/group_edit.html
+++ b/templates/juser/group_edit.html
@@ -46,7 +46,7 @@
                            <div class="form-group">
                                <label for="dept_id" class="col-sm-2 control-label">部门<span class="red-fonts">*</span></label>
                                <div class="col-sm-8">
-                                    <select id="dept_id" name="dept_id" class="form-control m-b">
+                                    <select id="dept_id" name="dept_id" class="form-control m-b" onchange="change_dept(this.value)">
                                        {% for dept in dept_all %}
                                            {% ifequal group.dept.id dept.id %}
                                            <option value="{{ dept.id }}" selected>{{ dept.name }}</option>
@@ -88,7 +88,7 @@
                            <div class="form-group">
                                <label for="comment" class="col-sm-2 control-label">备注</label>
                                <div class="col-sm-8">
-                                    <input id="comment" name="comment" placeholder="Comment" type="text" class="form-control" value="{{ comment }}">
+                                    <input id="comment" name="comment" placeholder="Comment" type="text" class="form-control" value="{{ group.comment }}">
                                </div>
                            </div>
@@ -145,6 +145,16 @@ $(document).ready(function(){
    })
 })
+function change_dept(dept_id){
+    $.get('/juser/dept_user_ajax/',
+            {'id': dept_id},
+            function(data){
+                $('#users').html(data);
+                $('#users_selected').html('')
+            })
+}
 </script>
 {% endblock %}
\ No newline at end of file
--- a/templates/juser/user_edit.html
+++ b/templates/juser/user_edit.html
@@ -39,6 +39,7 @@
                            <div class="form-group">
                                <label for="username" class="col-sm-2 control-label">用户名<span class="red-fonts">*</span></label>
                                <div class="col-sm-8">
+                                    <input id="user_id" name="user_id" type="text"  value="{{ user.id }}" style="display: none">
                                    <input id="username" name="username" placeholder="Username" type="text" class="form-control" value="{{ user.username }}" readonly>
                                </div>
                            </div>
@@ -70,6 +71,7 @@
                                </div>
                            </div>
                            <div class="hr-line-dashed"></div>
+                            {% ifequal session_role_id 2 %}
                            <div class="form-group">
                                <label for="dept_id" class="col-lg-2 control-label">部门<span class="red-fonts">*</span></label>
                                <div class="col-sm-8">
@@ -85,6 +87,7 @@
                                </div>
                            </div>
                            <div class="hr-line-dashed"></div>
+                            {% endifequal %}
                            <div class="form-group">
                                <label for="groups" class="col-lg-2 control-label">小组</label>
                                <div class="col-sm-8">
@@ -99,6 +102,7 @@
                                    </select>
                                </div>
                            </div>
+                            {% ifequal session_role_id 2 %}
                            <div class="hr-line-dashed"></div>
                            <div class="form-group">
                                <label for="role" class="col-lg-2 control-label">角色<span class="red-fonts">*</span></label>
@@ -114,6 +118,7 @@
                                    </select>
                                </div>
                            </div>
+                            {% endifequal %}
                            <div class="hr-line-dashed"></div>
                            <div class="form-group">
                                <label for="email" class="col-sm-2 control-label">Email<span class="red-fonts">*</span></label>

--- a/templates/juser/user_list.html
+++ b/templates/juser/user_list.html
@@ -73,8 +73,14 @@
                                <td class="text-center">{{ user.is_active|bool2str }}</td>
                                <td class="text-center">
                                    <a title="[ {{ user.name }} ] 详情" href="../user_detail/?id={{ user.id }}" class="iframe btn btn-xs btn-primary">详情</a>
+                                    {% ifequal session_role_id 2 %}
                                    <a href="../user_edit/?id={{ user.id }}" class="btn btn-xs btn-info">编辑</a>
                                    <a href="../user_del/?id={{ user.id }}" class="btn btn-xs btn-danger">删除</a>
+                                    {% else %}
+                                    <a href="../user_edit/?id={{ user.id }}" class="btn btn-xs btn-info {% if user.id|user_readonly %} disabled {% endif %}">编辑</a>
+                                    <a href="../user_del/?id={{ user.id }}" class="btn btn-xs btn-danger {% if user.id|user_readonly %} disabled {% endif %}">删除</a>
+                                    {% endifequal %}
                                </td>
                            </tr>
                        {% endfor %}

--- a/templates/nav.html
+++ b/templates/nav.html
@@ -91,7 +91,7 @@
                <a href="#"><i class="fa fa-rebel"></i> <span class="nav-label">用户管理</span><span class="fa arrow"></span></a>
                <ul class="nav nav-second-level">
                    <li class="dept_list dept_edit"><a href="/juser/dept_list/">查看部门</a></li>
-                    <li class="group_list"><a href="/juser/group_list/">查看小组</a></li>
+                    <li class="group_list group_edit"><a href="/juser/group_list/">查看小组</a></li>
                    <li class="group_add"><a href="/juser/group_add/">添加小组</a></li>
                    <li class="user_list"><a href="/juser/user_list/">查看用户<span class="label {% ifequal user_active_num user_total_num %}label-primary {% else %}label-warning {% endifequal %}pull-right">{{ user_active_num }}/{{ user_total_num }}</span></a></li>
                    <li class="user_add"><a href="/juser/user_add/">添加用户</a></li>